useradd/usermod: add --selinux-range argument
Add a command line argument to useradd(8) and usermod(8) to specify the MLS range for a SELinux user mapping. Improves: #676
This commit is contained in:
Christian Göttsche
committed by
Iker Pedrosa
Iker Pedrosa
parent
97f79e3b27
commit
c80788a3ac
@@ -570,13 +570,31 @@
|
||||
<listitem>
|
||||
<para>
|
||||
defines the SELinux user for the new account. Without this
|
||||
option, a SELinux uses the default user. Note that the
|
||||
option, SELinux uses the default user. Note that the
|
||||
shadow system doesn't store the selinux-user, it uses
|
||||
<citerefentry><refentrytitle>semanage</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> for that.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<option>--selinux-range</option> <replaceable>SERANGE</replaceable>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
defines the SELinux MLS range for the new account. Without this
|
||||
option, SELinux uses the default range. Note that the
|
||||
shadow system doesn't store the selinux-range, it uses
|
||||
<citerefentry><refentrytitle>semanage</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> for that.
|
||||
</para>
|
||||
<para>
|
||||
This option is only valid if the <option>-Z</option> (or
|
||||
<option>--selinux-user</option>) option is specified.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
||||
<refsect2 id='changing_the_default_values'>
|
||||
|
||||
@@ -510,6 +510,23 @@
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<option>--selinux-range</option> <replaceable>SERANGE</replaceable>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
defines the SELinux MLS range for the new account.
|
||||
Note that the shadow system doesn't store the selinux-range,
|
||||
it uses <citerefentry><refentrytitle>semanage</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> for that.
|
||||
</para>
|
||||
<para>
|
||||
This option is only valid if the <option>-Z</option> (or
|
||||
<option>--selinux-user</option>) option is specified.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user